diff --git a/bandit.yaml b/bandit.yaml index b5b1482dff..e21301446e 100644 --- a/bandit.yaml +++ b/bandit.yaml @@ -16,9 +16,7 @@ # B106 : hardcoded_password_funcarg # B107 : hardcoded_password_default # B108 : hardcoded_tmp_directory -# B109 : password_config_option_not_marked_secret # B110 : try_except_pass -# B111 : execute_with_run_as_root_equals_true # B112 : try_except_continue # B201 : flask_debug_true # B301 : pickle @@ -42,6 +40,9 @@ # B319 : xml_bad_pulldom # B320 : xml_bad_etree # B321 : ftplib +# B322 : input +# B323 : unverified_context +# B325 : tempnam # B401 : import_telnetlib # B402 : import_ftplib # B403 : import_pickle @@ -54,12 +55,15 @@ # B410 : import_lxml # B411 : import_xmlrpclib # B412 : import_httpoxy +# B413 : import_pycrypto +# B414 : import_pycryptodome # B501 : request_with_no_cert_validation # B502 : ssl_with_bad_version # B503 : ssl_with_bad_defaults # B504 : ssl_with_no_version # B505 : weak_cryptographic_key # B506 : yaml_load +# B507 : ssh_no_host_key_verification # B601 : paramiko_calls # B602 : subprocess_popen_with_shell_equals_true # B603 : subprocess_without_shell_equals_true @@ -69,8 +73,11 @@ # B607 : start_process_with_partial_path # B608 : hardcoded_sql_expressions # B609 : linux_commands_wildcard_injection +# B610 : django_extra_used +# B611 : django_rawsql_used # B701 : jinja2_autoescape_false # B702 : use_of_mako_templates +# B703 : django_mark_safe # (optional) list included test IDs here, eg '[B101, B406]': tests: [B102, B103, B302, B306, B308, B309, B310, B401, B501, B502, B506, B601, B602, B609]